vbatts/cri-o
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

lib,oci: drop stateLock when possible

Browse source 
Should fix a possible deadlock in, at least, ListPodSandbox.
There seems to be no reason to hold stateLock when doing operations on
the memory_store for containers and sandboxes.

Signed-off-by: Antonio Murdaca <runcom@redhat.com>
This commit is contained in:
Antonio Murdaca 2017-12-15 15:31:55 +01:00
parent 2fa1f3f74a
commit ecc572e7cf
No known key found for this signature in database
GPG key ID: B2BEAD150DE936B9
3 changed files with 14 additions and 35 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

43
lib/container_server.go
View file

@ -624,8 +624,6 @@ type containerServerState struct {
// AddContainer adds a container to the container state store // AddContainer adds a container to the container state store
func (c *ContainerServer) AddContainer(ctr *oci.Container) { func (c *ContainerServer) AddContainer(ctr *oci.Container) {
c.stateLock.Lock()
defer c.stateLock.Unlock()
sandbox := c.state.sandboxes.Get(ctr.Sandbox()) sandbox := c.state.sandboxes.Get(ctr.Sandbox())
sandbox.AddContainer(ctr) sandbox.AddContainer(ctr)
c.state.containers.Add(ctr.ID(), ctr) c.state.containers.Add(ctr.ID(), ctr)
@ -633,37 +631,26 @@ func (c *ContainerServer) AddContainer(ctr *oci.Container) {
// AddInfraContainer adds a container to the container state store // AddInfraContainer adds a container to the container state store
func (c *ContainerServer) AddInfraContainer(ctr *oci.Container) { func (c *ContainerServer) AddInfraContainer(ctr *oci.Container) {
c.stateLock.Lock()
defer c.stateLock.Unlock()
c.state.infraContainers.Add(ctr.ID(), ctr) c.state.infraContainers.Add(ctr.ID(), ctr)
} }
// GetContainer returns a container by its ID // GetContainer returns a container by its ID
func (c *ContainerServer) GetContainer(id string) *oci.Container { func (c *ContainerServer) GetContainer(id string) *oci.Container {
c.stateLock.Lock()
defer c.stateLock.Unlock()
return c.state.containers.Get(id) return c.state.containers.Get(id)
} }
// GetInfraContainer returns a container by its ID // GetInfraContainer returns a container by its ID
func (c *ContainerServer) GetInfraContainer(id string) *oci.Container { func (c *ContainerServer) GetInfraContainer(id string) *oci.Container {
c.stateLock.Lock()
defer c.stateLock.Unlock()
return c.state.infraContainers.Get(id) return c.state.infraContainers.Get(id)
} }
// HasContainer checks if a container exists in the state // HasContainer checks if a container exists in the state
func (c *ContainerServer) HasContainer(id string) bool { func (c *ContainerServer) HasContainer(id string) bool {
c.stateLock.Lock() return c.state.containers.Get(id) != nil
defer c.stateLock.Unlock()
ctr := c.state.containers.Get(id)
return ctr != nil
} }
// RemoveContainer removes a container from the container state store // RemoveContainer removes a container from the container state store
func (c *ContainerServer) RemoveContainer(ctr *oci.Container) { func (c *ContainerServer) RemoveContainer(ctr *oci.Container) {
c.stateLock.Lock()
defer c.stateLock.Unlock()
sbID := ctr.Sandbox() sbID := ctr.Sandbox()
sb := c.state.sandboxes.Get(sbID) sb := c.state.sandboxes.Get(sbID)
sb.RemoveContainer(ctr) sb.RemoveContainer(ctr)
@ -672,15 +659,11 @@ func (c *ContainerServer) RemoveContainer(ctr *oci.Container) {
// RemoveInfraContainer removes a container from the container state store // RemoveInfraContainer removes a container from the container state store
func (c *ContainerServer) RemoveInfraContainer(ctr *oci.Container) { func (c *ContainerServer) RemoveInfraContainer(ctr *oci.Container) {
c.stateLock.Lock()
defer c.stateLock.Unlock()
c.state.infraContainers.Delete(ctr.ID()) c.state.infraContainers.Delete(ctr.ID())
} }
// listContainers returns a list of all containers stored by the server state // listContainers returns a list of all containers stored by the server state
func (c *ContainerServer) listContainers() []*oci.Container { func (c *ContainerServer) listContainers() []*oci.Container {
c.stateLock.Lock()
defer c.stateLock.Unlock()
return c.state.containers.List() return c.state.containers.List()
} }
@ -704,43 +687,36 @@ func (c *ContainerServer) ListContainers(filters ...func(*oci.Container) bool) (
// AddSandbox adds a sandbox to the sandbox state store // AddSandbox adds a sandbox to the sandbox state store
func (c *ContainerServer) AddSandbox(sb *sandbox.Sandbox) { func (c *ContainerServer) AddSandbox(sb *sandbox.Sandbox) {
c.stateLock.Lock()
defer c.stateLock.Unlock()
c.state.sandboxes.Add(sb.ID(), sb) c.state.sandboxes.Add(sb.ID(), sb)
c.stateLock.Lock()
c.state.processLevels[selinux.NewContext(sb.ProcessLabel())["level"]]++ c.state.processLevels[selinux.NewContext(sb.ProcessLabel())["level"]]++
c.stateLock.Unlock()
} }
// GetSandbox returns a sandbox by its ID // GetSandbox returns a sandbox by its ID
func (c *ContainerServer) GetSandbox(id string) *sandbox.Sandbox { func (c *ContainerServer) GetSandbox(id string) *sandbox.Sandbox {
c.stateLock.Lock()
defer c.stateLock.Unlock()
return c.state.sandboxes.Get(id) return c.state.sandboxes.Get(id)
} }
// GetSandboxContainer returns a sandbox's infra container // GetSandboxContainer returns a sandbox's infra container
func (c *ContainerServer) GetSandboxContainer(id string) *oci.Container { func (c *ContainerServer) GetSandboxContainer(id string) *oci.Container {
c.stateLock.Lock()
defer c.stateLock.Unlock()
sb := c.state.sandboxes.Get(id) sb := c.state.sandboxes.Get(id)
return sb.InfraContainer() return sb.InfraContainer()
} }
// HasSandbox checks if a sandbox exists in the state // HasSandbox checks if a sandbox exists in the state
func (c *ContainerServer) HasSandbox(id string) bool { func (c *ContainerServer) HasSandbox(id string) bool {
c.stateLock.Lock() return c.state.sandboxes.Get(id) != nil
defer c.stateLock.Unlock()
sb := c.state.sandboxes.Get(id)
return sb != nil
} }
// RemoveSandbox removes a sandbox from the state store // RemoveSandbox removes a sandbox from the state store
func (c *ContainerServer) RemoveSandbox(id string) { func (c *ContainerServer) RemoveSandbox(id string) {
c.stateLock.Lock()
defer c.stateLock.Unlock()
sb := c.state.sandboxes.Get(id) sb := c.state.sandboxes.Get(id)
processLabel := sb.ProcessLabel() processLabel := sb.ProcessLabel()
c.state.sandboxes.Delete(id)
level := selinux.NewContext(processLabel)["level"] level := selinux.NewContext(processLabel)["level"]
c.stateLock.Lock()
pl, ok := c.state.processLevels[level] pl, ok := c.state.processLevels[level]
if ok { if ok {
c.state.processLevels[level] = pl - 1 c.state.processLevels[level] = pl - 1
@ -749,12 +725,13 @@ func (c *ContainerServer) RemoveSandbox(id string) {
delete(c.state.processLevels, level) delete(c.state.processLevels, level)
} }
} }
c.stateLock.Unlock()
c.state.sandboxes.Delete(id)
} }
// ListSandboxes lists all sandboxes in the state store // ListSandboxes lists all sandboxes in the state store
func (c *ContainerServer) ListSandboxes() []*sandbox.Sandbox { func (c *ContainerServer) ListSandboxes() []*sandbox.Sandbox {
c.stateLock.Lock()
defer c.stateLock.Unlock()
return c.state.sandboxes.List() return c.state.sandboxes.List()
} }

3
lib/sandbox/memory_store.go
View file

@ -25,8 +25,9 @@ func (c *memoryStore) Add(id string, cont *Sandbox) {
// Get returns a sandbox from the store by id. // Get returns a sandbox from the store by id.
func (c *memoryStore) Get(id string) *Sandbox { func (c *memoryStore) Get(id string) *Sandbox {
var res *Sandbox
c.RLock() c.RLock()
res := c.s[id] res = c.s[id]
c.RUnlock() c.RUnlock()
return res return res
} }

3
oci/memory_store.go
View file

@ -25,8 +25,9 @@ func (c *memoryStore) Add(id string, cont *Container) {
// Get returns a container from the store by id. // Get returns a container from the store by id.
func (c *memoryStore) Get(id string) *Container { func (c *memoryStore) Get(id string) *Container {
var res *Container
c.RLock() c.RLock()
res := c.s[id] res = c.s[id]
c.RUnlock() c.RUnlock()
return res return res
} }